Re: [libvirt] [PATCH 5/6] conf: Move <disk> encryption validation
On Thu, Sep 14, 2017 at 14:03:09 -0400, John Ferlan wrote:
Rather than checking during XML processing, move the check for
valid <encryption> into virDomainDiskDefParseValidate.
Signed-off-by: John Ferlan <jferlan(a)redhat.com>
---
src/conf/domain_conf.c | 29 +++++++++++++++++------------
1 file changed, 17 insertions(+), 12 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 07bda1a36..09c5bc1ae 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -8605,7 +8605,23 @@ virDomainDiskDefParseValidate(const virDomainDiskDef *def)
}
}
- return virDomainDiskSourceDefParseAuthValidate(def->src);
+ if (virDomainDiskSourceDefParseAuthValidate(def->src) < 0)
This is the exact reason why I did not like this style in the patch that
added it.
+ return -1;
+
+ if (def->src->encryption) {
+ virStorageEncryptionPtr encryption = def->src->encryption;
+
+ if (encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS &&
+ encryption->encinfo.cipher_name) {
+
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("supplying the <cipher> for a domain is "
+ "unnecessary"));
Perhaps we can improve the message now. How about:
"supplying <cipher> for domain disk definition is unnecessary" ?
+ return -1;
+ }
ACK
Attachments:
- signature.asc (application/pgp-signature — 833 bytes)